Re: [munin-users] netstat & netstat_multi plugins

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Friday, 2013-06-21 at 01:02:47 -0700, Grant wrote:

> Ah, thank you!  The following previously non-working plugins all work
> if I add 'user root' to each of their configs:

> proc, netstat, netstat_multi, swap, courier_, if_, if_err_

> Is that safe?

Well, they are normally not run with superuser rights because they don't
need it, not because they are dangerous.

But let me turn this question around - your server is probably running
grsecurity for a reason. And you want to run those plugins with *less*
security. Doesn't sound like a good idea to me.

The "right" way would be to write grsecurity settings for those plugins.
Which AFAIK is a non-trivial undertaking. And out of the scope of this
mailing list.

Lupe Christoph
-- 
| It is a well-known fact in any organisation that, if you want a job    |
| done, you should give it to someone who is already very busy.          |
| Terry Pratchett, "Unseen Academicals"                                  |